# Contributor: kohnish <kohnish@gmx.com>
# Contributor: Michał Polański <michal@polanski.me>
# Maintainer: Michał Polański <michal@polanski.me>
pkgname=buildah
pkgver=1.34.0
pkgrel=1
pkgdesc="tool that facilitates building OCI container images"
url="https://github.com/containers/buildah"
license="Apache-2.0"
arch="all"
depends="oci-runtime shadow-subids slirp4netns containers-common"
makedepends="go go-md2man lvm2-dev gpgme-dev libseccomp-dev btrfs-progs-dev bash"
subpackages="$pkgname-doc"
options="!check" # tests require root privileges
source="https://github.com/containers/buildah/archive/v$pkgver/buildah-$pkgver.tar.gz
	ssh-implement-strict-KEX-protocol-changes.patch
	"

# secfixes:
#   1.34.0-r1:
#     - CVE-2023-48795
#   1.28.0-r0:
#     - CVE-2022-2990
#   1.21.3-r0:
#     - CVE-2021-3602
#   1.19.4-r0:
#     - CVE-2021-20206
#   1.14.4-r0:
#     - CVE-2020-10696

export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"

build() {
	# https://github.com/mattn/go-sqlite3/issues/1164
	export CGO_CFLAGS="$CFLAGS -D_LARGEFILE64_SOURCE"

	GIT_COMMIT="$pkgver" make
}

package() {
	GIT_COMMIT="$pkgver" make install PREFIX=/usr DESTDIR="$pkgdir"
}

sha512sums="
a3836ce540058f418131969e157d548864727398535e4e99a693d883419b8d764da7166f9b9376c2b9686d8beac101687843c2e93198b16328ef333ad96d55db  buildah-1.34.0.tar.gz
01a1d6e14787c1269bf36bf52df40ea8acb7acf859e4d2c859130aff10f7486085316db1f7c8c48cedebffe66ce39f647522798d159bd1bc27de08dd71648334  ssh-implement-strict-KEX-protocol-changes.patch
"
